const check_req_upload = ["token", "candidate_name", "id_number", "nation", "home_address", "gender", "political_outlook", "birth_data", "face", "contact_number", "postcode", "contact_address", "emergency_contact", "emergency_contact_mode", "graduate_school", "graduation_school_code", "graduation_major", "diploma_code", "registration_institutions", "registered_institution_code", "major", "major_code", "tcandidate_type", "awards", "specialty", "remarks"];
const check_req_search = ["token", "id_number"];
const check_req_stu_login = ["id_number", "password"];
const check_req_tea_login = ["phone_number", "password"];
const check_req_change_achievement = ["token", "id_number", "public_course_score", "major_course_score"];
const check_req_change_admission = ["token", "id_number", "admission"];
const check_req_change_audit = ["token", "id_number", "audit"];
const check_req_stu_list = ["token", "page_num", "page_size"];
const check_req_course = ["major_code"];
const TEA_SECRETORPRIVATEKEY = "unrpyc_teacher";
const STU_SECRETORPRIVATEKEY = "unrpyc_satudent";
const JSON_HD = "application/json; charset=utf8";
const URL_STUDENT_LOGIN = "/student/login";
const URL_SEARCH_STUDENT_LIST = "/teacher/student/list";
const URL_SEARCH_STUDENT_INFORMATION = "/teacher/student/information";
const URL_SEARCH_COURSE = "/public/course";
const URL_STUDENT_REGISTER = "/student/register";
const URL_TEACHER_REGISTER = "/teacher/register";
const URL_SEARCH_INFORMATION = "/user/information";
const URL_SEARCH_ACHIEVEMENT = "/user/achievement";
const URL_UPLOAD = "/user/upload";
const URL_SEARCH_AUDIT_STATU = "/user/audit/statu";
const URL_SEARCH_ADMISSION_STATU = "/user/admission/statu";
const URL_CHANGE_AUDIT = "/teacher/audit";
const URL_CHANGE_ADMISSION = "/teacher/admission";
const URL_CHANGE_ACHIEVEMENT = "/teacher/achievement";
const URL_TEACHER_LOGIN = "/teacher/login";

const sql = 'CREATE DATABASE IF NOT EXISTS ManagementSystem CHARACTER SET utf8 COLLATE utf8_general_ci; USE ManagementSystem; CREATE TABLE IF NOT EXISTS user ( id int AUTO_INCREMENT, id_number VARCHAR(255) unique, password VARCHAR(20), PRIMARY KEY (id_number, id)) engine=MyISAM;  CREATE TABLE IF NOT EXISTS teacher ( id int AUTO_INCREMENT, phone_number VARCHAR(255), password VARCHAR(20), PRIMARY KEY (id)) engine=MyISAM;  CREATE TABLE IF NOT EXISTS userinfo (id int AUTO_INCREMENT, id_number VARCHAR(20) unique, candidate_name VARCHAR(20), nation VARCHAR(20), home_address VARCHAR(20), gender VARCHAR(20), political_outlook VARCHAR(20), birth_data VARCHAR(20), face VARCHAR(1000), contact_number VARCHAR(20), postcode VARCHAR(20), contact_address VARCHAR(20), emergency_contact VARCHAR(20), emergency_contact_mode VARCHAR(20), graduate_school VARCHAR(20), graduation_school_code VARCHAR(20), graduation_major VARCHAR(20), diploma_code VARCHAR(20), registration_institutions VARCHAR(20), registered_institution_code VARCHAR(20), major VARCHAR(20), major_code VARCHAR(20), tcandidate_type VARCHAR(20), awards VARCHAR(255), specialty VARCHAR(255), remarks VARCHAR(255), audit VARCHAR(255), PRIMARY KEY (id_number,id), FOREIGN KEY(id_number) REFERENCES user(id_number)) engine=MyISAM;  CREATE TABLE IF NOT EXISTS major ( major_code VARCHAR(20), major VARCHAR(20), public_course VARCHAR(20), major_course VARCHAR(20), PRIMARY KEY (major_code)) engine=MyISAM;  CREATE TABLE IF NOT EXISTS score (id int AUTO_INCREMENT, id_number VARCHAR(20) unique, public_course_score VARCHAR(3), major_course_score VARCHAR(3), enroll VARCHAR(10), PRIMARY KEY (id_number,id), FOREIGN KEY(id_number) REFERENCES user(id_number)) engine=MyISAM;  REPLACE INTO major VALUES ("030101k", "法学", "大学英语", "宪法学");  REPLACE INTO major VALUES ("040106", "学前教育", "大学英语", "学前儿童健康教育");  REPLACE INTO major VALUES ("080202", "机械设计制造及其自动化", "机械设计基础", "宪法学");  REPLACE INTO major VALUES ("080701", "电子信息工程", "大学英语", "电路");  REPLACE INTO major VALUES ("081001", "土木工程", "大学英语", "土木工程材料");  REPLACE INTO major VALUES ("080901", "计算机科学与技术", "大学英语", "C语言程序设计");  REPLACE INTO major VALUES ("101003", "医学影像技术", "大学英语", "医学影像设备学");  REPLACE INTO major VALUES ("101101", "护理学", "大学英语", "基础护理学");  REPLACE INTO major VALUES ("120204", "财务管理", "大学英语", "管理学基础");  REPLACE INTO major VALUES ("120801", "电子商务", "大学英语", "管理学基础");';
let http = require('http');
let mysql = require('mysql');
let jsonWebToken = require('jsonwebtoken');
let pool = mysql.createPool({
	host: 'localhost',
	user: '你的用户名',
	password: '你的密码`',
	protocol: 'mysql',
	multipleStatements: true,
	connectionLimit: 1000
});
pool.getConnection(function(err, conn) {
	if (err) {}
	conn.query(sql,
	function(err, data) {
		if (err) {
			console.log(err)
		} else {
			console.log('Database connection successful');
			console.log('Database initialization created successfully')
		}
		conn.release()
	})
});
http.createServer(function(req, res) {
	if (req.url == URL_STUDENT_LOGIN) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body)
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_stu_login, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body)
				} else {
					let id_number = JSON.stringify(jsonData.id_number);
					let password = JSON.stringify(jsonData.password);
					let sql = 'SELECT * FROM user WHERE id_number = ' + id_number + ' AND password = ' + password + '';
					pool.getConnection(function(err, conn) {
						if (err) {}
						conn.query(sql,
						function(err, data) {
							if (err) {} else {
								if (JSON.stringify(data) == '[]') {
									let body = '{"statu":0,"msg":"登录失败"}';
									res.end(body)
								} else {
									let token = create_token({
										id_number: data[0].id_number
									},
									STU_SECRETORPRIVATEKEY).toString();
									let body = '{"statu":1,"token":"' + token + '","msg":"登录成功"}';
									res.end(body)
								}
							}
							conn.release()
						})
					})
				}
			}
		})
	} else if (req.url == URL_UPLOAD) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_upload, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					res.writeHead(200, {
						"Content-Type": JSON_HD,
						//跨域三个头
						"Access-Control-Allow-Origin":"*",
						"Access-Control-Allow-Method":"POST,GET",
						"Access-Control-Allow-Headers":"Content-Type"
					});
					let sql = 'UPDATE userinfo SET candidate_name = "' + jsonData.candidate_name + '", nation = "' + jsonData.nation + '", home_address = "' + jsonData.home_address + '", gender = "' + jsonData.gender + '", political_outlook = "' + jsonData.political_outlook + '", birth_data = "' + jsonData.birth_data + '", face = "' + jsonData.face + '", contact_number = "' + jsonData.contact_number + '", postcode = "' + jsonData.postcode + '", contact_address = "' + jsonData.contact_address + '", emergency_contact = "' + jsonData.emergency_contact + '", emergency_contact_mode = "' + jsonData.emergency_contact_mode + '", graduate_school = "' + jsonData.graduate_school + '", graduation_school_code = "' + jsonData.graduation_school_code + '", graduation_major = "' + jsonData.graduation_major + '", diploma_code = "' + jsonData.diploma_code + '", registration_institutions = "' + jsonData.registration_institutions + '", registered_institution_code = "' + jsonData.registered_institution_code + '", major = "' + jsonData.major + '", major_code = "' + jsonData.major_code + '", tcandidate_type = "' + jsonData.tcandidate_type + '", awards = "' + jsonData.awards + '", specialty = "' + jsonData.specialty + '", remarks = "' + jsonData.remarks + '" WHERE id_number = "' + jsonData.id_number + '";';
					jsonWebToken.verify(token, STU_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"上传失败"}';
							res.end(body);
						} else {
							if (decode.id_number == jsonData.id_number) {
								pool.getConnection(function(err, conn) {
									if (err) {}
									conn.query(sql,
									function(err, data) {
										if (err) {
											console.log(err);
											let body = '{"statu":0,"msg":"上传失败"}';
											res.end(body);
										} else {
											let body = '{"statu":1,"msg":"上传成功"}';
											res.end(body);

										}
										conn.release();
									})
								})
							} else {
								let body = '{"statu":0,"msg":"越权操作"}';
								res.end(body);
							}

						}
					})
				}
			}
		})
	} else if (req.url == URL_SEARCH_INFORMATION) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_search, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					let id_number = JSON.stringify(jsonData.id_number);
					let sql = 'SELECT * FROM userinfo WHERE id_number = ' + id_number + ';';
					jsonWebToken.verify(token, STU_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"查询失败"}';
							res.end(body);
						} else {
							if (decode.id_number != id_number) {
								let body = '{"statu":0,"msg":"越权操作"}';
								res.end(body);
							} else {
								pool.getConnection(function(err, conn) {
									if (err) {}
									conn.query(sql,
									function(err, data) {
										if (err) {
											let body = '{"statu":0,"msg":"查询失败"}';
											res.end(body);
										} else {
											if (JSON.stringify(data) == "[]") {
												let body = '{"statu":0,"msg":"查询失败"}';
												res.end(body);
											} else {
												let body = '[{"statu":1,"msg":"查询成功"},{"candidate_name":"' + data[0].candidate_name + '","id_number":"' + data[0].id_number + '","nation":"' + data[0].nation + '","home_address":"' + data[0].home_address + '","gender":"' + data[0].gender + '","political_outlook":"' + data[0].political_outlook + '","birth_data":"' + data[0].birth_data + '","face":"' + data[0].face + '"},{"contact_number":"' + data[0].contact_number + '","postcode":"' + data[0].postcode + '","contact_address":"' + data[0].contact_address + '","emergency_contact":"' + data[0].emergency_contact + '","emergency_contact_mode":"' + data[0].emergency_contact_mode + '"},{"graduate_school":"' + data[0].graduate_school + '","graduation_school_code":"' + data[0].graduation_school_code + '","graduation_major":"' + data[0].graduation_major + '","diploma_code":"' + data[0].diploma_code + '","registration_institutions":"' + data[0].registration_institutions + '","registered_institution_code":"' + data[0].registered_institution_code + '","major":"' + data[0].major + '","major_code":"' + data[0].major_code + '","tcandidate_type":"' + data[0].tcandidate_type + '"},{"awards":"' + data[0].awards + '","specialty":"' + data[0].specialty + '","remarks":"' + data[0].remarks + '"}]';
												res.end(body);
											}
										}
										conn.release();
									})
								})
							}

						}
					})
				}
			}
		})
	} else if (req.url == URL_SEARCH_ADMISSION_STATU) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_search, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					let id_number = JSON.stringify(jsonData.id_number);
					let sql = 'SELECT enroll FROM score WHERE id_number = ' + id_number + ';';
					jsonWebToken.verify(token, STU_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"查询失败"}';
							res.end(body);
						} else {
							if (decode.id_number != id_number) {
								let body = '{"statu":0,"msg":"越权操作"}';
								res.end(body);
							} else {
								pool.getConnection(function(err, conn) {
									if (err) {}
									conn.query(sql,
									function(err, data) {
										if (err) {
											let body = '{"statu":0,"msg":"查询失败"}';
											res.end(body);
										} else {
											if (JSON.stringify(data) == "[]") {
												let body = '{"statu":0,"msg":"查询失败"}';
												res.end(body);
											} else {
												let body = '[{"statu":1,"msg":"查询成功"}, {"enroll":"' + data[0].enroll + '"]}';
												res.end(body);
											}
										}
										conn.release();
									})
								})
							}

						}
					})
				}
			}
		})
	} else if (req.url == URL_SEARCH_AUDIT_STATU) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_search, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					let id_number = JSON.stringify(jsonData.id_number);
					let sql = 'SELECT audit FROM userinfo WHERE id_number = ' + id_number + ';';
					jsonWebToken.verify(token, STU_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"查询失败"}';
							res.end(body);
						} else {
							if (decode.id_number != id_number) {
								let body = '{"statu":0,"msg":"越权操作"}';
								res.end(body);
							} else {
								pool.getConnection(function(err, conn) {
									if (err) {}
									conn.query(sql,
									function(err, data) {
										if (err) {
											let body = '{"statu":0,"msg":"查询失败"}';
											res.end(body);
										} else {
											if (JSON.stringify(data) == "[]") {
												let body = '{"statu":0,"msg":"查询失败"}';
												res.end(body);
											} else {
												let body = '[{"statu":1,"msg":"查询成功"},{"audit":"' + data[0].audit + '"}]';
												res.end(body);
											}
										}
										conn.release();
									})
								})
							}

						}
					})
				}
			}
		})
	} else if (req.url == URL_SEARCH_ACHIEVEMENT) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_search, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					let id_number = JSON.stringify(jsonData.id_number);
					let sql = 'SELECT public_course_score, major_course_score FROM score WHERE id_number = ' + id_number + ';';
					jsonWebToken.verify(token, STU_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"查询失败"}';
							res.end(body);
						} else {
							if (decode.id_number != id_number) {
								let body = '{"statu":0,"msg":"越权操作"}';
								res.end(body);
							} else {
								pool.getConnection(function(err, conn) {
									if (err) {}
									conn.query(sql,
									function(err, data) {
										if (err) {
											let body = '{"statu":0,"msg":"查询失败"}';
											res.end(body);
										} else {
											if (JSON.stringify(data) == "[]") {
												let body = '{"statu":0,"msg":"查询失败"}';
												res.end(body);
											} else {
												let body = '[{"statu":1,"msg":"查询成功"},{"public_course_score":"' + data[0].public_course_score + '","major_course_score":"' + data[0].major_course_score + '"}]';
												res.end(body);
											}
										}
										conn.release();
									})
								})
							}

						}
					})
				}
			}
		})
	} else if (req.url == URL_TEACHER_LOGIN) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_tea_login, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let phone_number = JSON.stringify(jsonData.phone_number);
					let password = JSON.stringify(jsonData.password); 
					let sql = 'SELECT * FROM teacher WHERE phone_number = ' + phone_number + ' AND password = ' + password + '';
					pool.getConnection(function(err, conn) {
						if (err) {}
						conn.query(sql,
						function(err, data) {
							if (err) {} else {
								if (JSON.stringify(data) == '[]') {
									let body = '{"statu":0,"msg":"登录失败"}';
									res.end(body)
								} else {
									let token = create_token({
										phone_number: data[0].phone_number
									},
									TEA_SECRETORPRIVATEKEY).toString();
									let body = '{"statu":1,"token":"' + token + '","msg":"登录成功"}';
									res.end(body)
								}
							}
							conn.release()
						})
					})
				}
			}
		})
	} else if (req.url == URL_CHANGE_ACHIEVEMENT) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_change_achievement, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					let public_course_score = JSON.stringify(jsonData.public_course_score);
					let major_course_score = JSON.stringify(jsonData.major_course_score);
					let id_number = JSON.stringify(jsonData.id_number); 
					let sql = 'UPDATE score SET public_course_score = ' + public_course_score + ', major_course_score = ' + major_course_score + ' WHERE id_number = ' + id_number + ' ';
					jsonWebToken.verify(token, TEA_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"更改失败"}';
							console.log(err);
							res.end(body);
						} else {
							pool.getConnection(function(err, conn) {
								if (err) {}
								conn.query(sql,
								function(err, data) {
									if (err) {
										let body = '{"statu":0,"msg":"更改失败"}';
										res.end(body);
									} else {
										let body = '{"statu":1, "msg":"更改成功"}';
										res.end(body);
									}
									conn.release()
								})
							})
						}
					});

				}
			}
		})
	} else if (req.url == URL_CHANGE_ADMISSION) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_change_admission, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					let admission = JSON.stringify(jsonData.admission);
					let id_number = JSON.stringify(jsonData.id_number); 
					let sql = 'UPDATE score SET enroll = ' + admission + ' WHERE id_number = ' + id_number + ' ';
					jsonWebToken.verify(token, TEA_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"更改失败"}';
							res.end(body);
						} else {
							pool.getConnection(function(err, conn) {
								if (err) {}
								conn.query(sql,
								function(err, data) {
									if (err) {
										let body = '{"statu":0,"msg":"更改失败"}';
										res.end(body);
									} else {
										let body = '{"statu":1, "msg":"更改成功"}';
										res.end(body);
									}
									conn.release()
								})
							})
						}
					});

				}
			}
		})
	} else if (req.url == URL_CHANGE_AUDIT) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_change_audit, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					let audit = JSON.stringify(jsonData.audit);
					let id_number = JSON.stringify(jsonData.id_number); 
					let sql = 'UPDATE userinfo SET audit = ' + audit + ' WHERE id_number = ' + id_number + ' ';
					jsonWebToken.verify(token, TEA_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"更改失败"}';
							res.end(body);
						} else {
							pool.getConnection(function(err, conn) {
								if (err) {}
								conn.query(sql,
								function(err, data) {
									if (err) {
										let body = '{"statu":0,"msg":"更改失败"}';
										res.end(body);
									} else {
										let body = '{"statu":1, "msg":"更改成功"}';
										res.end(body);
									}
									conn.release()
								})
							})
						}
					});

				}
			}
		})
	} else if (req.url == URL_SEARCH_STUDENT_LIST) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_stu_list, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					let page_num = jsonData.page_num;
					let page_size = jsonData.page_size;
					let sql = 'SELECT a.id_number, b.candidate_name, b.major, b.audit, c.public_course_score , c.major_course_score FROM user a, userinfo b, score c WHERE a.id_number = b.id_number AND a.id_number = c.id_number AND c.id_number = b.id_number ORDER BY b.major DESC limit ' + page_num + ', ' + page_size + ';';
					jsonWebToken.verify(token, TEA_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"查询失败"}';
							res.end(body);
						} else {
							pool.getConnection(function(err, conn) {
								if (err) {}
								conn.query(sql,
								function(err, data) {
									if (err) {
										console.log(err);
										let body = '{"statu":0,"msg":"查询失败"}';
										res.end(body);
									} else {
										data = JSON.stringify(data);
										let body = '{"statu":1, "data":' + data + ' ,"msg":"查询成功"}';
										res.end(body);
										console.log(data);
									}
									conn.release();
								})
							})
						}
					});

				}
			}
		})
	} else if (req.url == URL_SEARCH_STUDENT_INFORMATION) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_search, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let token = JSON.stringify(jsonData.token);
					token = token.replace(/"/g, '');
					let id_number = JSON.stringify(jsonData.id_number);
					let sql = 'SELECT * FROM userinfo WHERE id_number = ' + id_number + ';';
					jsonWebToken.verify(token, TEA_SECRETORPRIVATEKEY,
					function(err, decode) {
						if (err) {
							let body = '{"statu":0,"msg":"查询失败"}';
							res.end(body);
						} else {

							pool.getConnection(function(err, conn) {
								if (err) {}
								conn.query(sql,
								function(err, data) {
									if (err) {
										let body = '{"statu":0,"msg":"查询失败"}';
										res.end(body);
									} else {
										if (JSON.stringify(data) == "[]") {
											let body = '{"statu":0,"msg":"查询失败"}';
											res.end(body);
										} else {
											let body = '[{"statu":1,"msg":"查询成功"},{"candidate_name":"' + data[0].candidate_name + '","id_number":"' + data[0].id_number + '","nation":"' + data[0].nation + '","home_address":"' + data[0].home_address + '","gender":"' + data[0].gender + '","political_outlook":"' + data[0].political_outlook + '","birth_data":"' + data[0].birth_data + '","face":"' + data[0].face + '"},{"contact_number":"' + data[0].contact_number + '","postcode":"' + data[0].postcode + '","contact_address":"' + data[0].contact_address + '","emergency_contact":"' + data[0].emergency_contact + '","emergency_contact_mode":"' + data[0].emergency_contact_mode + '"},{"graduate_school":"' + data[0].graduate_school + '","graduation_school_code":"' + data[0].graduation_school_code + '","graduation_major":"' + data[0].graduation_major + '","diploma_code":"' + data[0].diploma_code + '","registration_institutions":"' + data[0].registration_institutions + '","registered_institution_code":"' + data[0].registered_institution_code + '","major":"' + data[0].major + '","major_code":"' + data[0].major_code + '","tcandidate_type":"' + data[0].tcandidate_type + '"},{"awards":"' + data[0].awards + '","specialty":"' + data[0].specialty + '","remarks":"' + data[0].remarks + '", "audit":"' + data[0].audit + '"}]';
											res.end(body);
										}
									}
									conn.release();
								})
							})
						}

					})
				}
			}
		})
	} else if (req.url == URL_SEARCH_COURSE) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_course, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let major_code = JSON.stringify(jsonData.major_code);
					let sql = 'SELECT * FROM major WHERE major_code = ' + major_code + ';';
					pool.getConnection(function(err, conn) {
						if (err) {}
						conn.query(sql,
						function(err, data) {
							if (err) {
								let body = '{"statu":0,"msg":"查询失败"}';
								res.end(body);
							} else {
								if (JSON.stringify(data) == "[]") {
									let body = '{"statu":0,"msg":"查询失败"}';
									res.end(body);
								} else {
									let body = '[{"statu":1,"msg":"查询成功"},{"major":"' + data[0].major + '","public_course":"' + data[0].public_course + '","major_course":"' + data[0].major_course + '"}]';
									res.end(body);
								}
							}
							conn.release();
						})
					})
				}

			}
		})
	} else if (req.url == URL_TEACHER_REGISTER) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk;
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			})
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_tea_login, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let phone_number = JSON.stringify(jsonData.phone_number);
					let password = JSON.stringify(jsonData.password); 
					let sql = 'INSERT INTO teacher(phone_number, password) VALUES(' + phone_number + ', ' + password + ');';
					pool.getConnection(function(err, conn) {
						if (err) {}
						conn.query(sql,
						function(err, data) {
							if (err) {
								let body = '{"statu":0,"msg":"注册失败"}';
								res.end(body);
							} else {
								let body = '{"statu":1,"msg":"注册成功"}';
								res.end(body);
							}
							conn.release();
						})
					});

				}
			}
		})
	} else if (req.url == URL_STUDENT_REGISTER) {
		let body = "";
		req.on('data',
		function(chunk) {
			body += chunk
		});
		req.on('end',
		function() {
			res.writeHead(200, {
				"Content-Type": JSON_HD,
				//跨域三个头
				"Access-Control-Allow-Origin":"*",
				"Access-Control-Allow-Method":"POST,GET",
				"Access-Control-Allow-Headers":"Content-Type"
			});
			if (isJsonString(body) == 0) {
				let body = '{"statu":0,"msg":"非法请求"}';
				res.end(body);
			} else {
				let jsonData = JSON.parse(body);
				if (check_parameters(check_req_stu_login, jsonData) == 0) {
					let body = '{"statu":0,"msg":"非法请求"}';
					res.end(body);
				} else {
					let id_number = JSON.stringify(jsonData.id_number);
					let password = JSON.stringify(jsonData.password); 
					let sql = 'INSERT INTO user(id_number, password) VALUES(' + id_number + ', ' + password + ');INSERT INTO score(id_number, public_course_score, major_course_score, enroll) VALUES(' + id_number + ', "暂无", "暂无", "未录取"); INSERT INTO userinfo(id_number,candidate_name,major,audit) VALUES(' + id_number + ',"未上传","未上传","未通过");';
					pool.getConnection(function(err, conn) {
						if (err) {}
						conn.query(sql,
						function(err, data) {
							if (err) {
								console.log(err);
								let body = '{"statu":0,"msg":"注册失败"}';
								res.end(body);
							} else {
								let body = '{"statu":1,"msg":"注册成功"}';
								res.end(body);
							}
							conn.release();
						})
					});
				}
			}
		})
	} else {
		res.writeHead(200, {
			"Content-Type": JSON_HD,
			//跨域三个头
			"Access-Control-Allow-Origin":"*",
			"Access-Control-Allow-Method":"POST,GET",
			"Access-Control-Allow-Headers":"Content-Type"
		});
		let body = '{"statu":0,"msg":"非法请求"}';
		res.end(body);
	}
}).listen(8888);

console.log('Server is running');

function create_token(content, key) {
	let token = jsonWebToken.sign(content, key, {
		expiresIn: 60 * 60 * 1
	});
	return token;
}
function isJsonString(str) {
	try {
		if (typeof JSON.parse(str) == "object") {
			return 1;
		}
	} catch(e) {
		return 0;
	}
}
function check_parameters(check, jsonData) {
	let flag = 1;
	let i = 0;
	for (let key in jsonData) {
		if (key != check[i]) {
			flag = 0;
		}
		i++
	}
	return flag;
}